Connect GitLab

Connect Oplane to your GitLab projects to enable automated threat modeling on merge requests. No app installation required, just sign in with your GitLab account.

Step 1: Open Workspaces

Navigate to Workspaces in the left sidebar and click the + Workspace button in the top right corner.

Oplane Workspaces page showing all workspaces

Step 2: Create a Managed Workspace

Select Managed Workspace and under Git Repository, click Continue with Gitlab to connect your account.

Create new workspace with Managed Workspace selected, showing Git provider sign-in options

Step 3: Sign in to GitLab

You'll be redirected to GitLab to sign in. Enter your credentials or use one of the alternative sign-in methods (Google, GitHub, Bitbucket, Salesforce, or Passkey).

Once authenticated, you'll be redirected back to Oplane where your GitLab account will be connected.

Step 4: Select a Project

Back in Oplane, select your group from the dropdown and search for the project you want to connect.

Workspace creation showing group dropdown and project search

Note: Only GitLab projects where you are Maintainer or Owner are listed. This access level is required to create a project access token.

Step 5: Configure the Workspace

Once connected, configure your workspace settings:

Analyse Pull Requests: Enable to automatically threat model every MR. If disabled, you can still trigger reviews by mentioning @oplane in an MR comment.
Access: Add team members who should have access to this workspace.

Click Create when ready.

Workspace configuration showing connected GitLab project, MR analysis toggle, and access settings

Step 6: Choose Threat Models

Oplane analyses your repository and suggests threat models based on the codebase. Select the ones relevant to your project, or describe your own scope.

Workspace setup suggesting threat models based on repository analysis

What's next? Learn how Oplane reviews your merge requests in the Pull & Merge Requests guide.